package com.woniuxy.movice.aspect;

import javax.security.auth.message.AuthException;
import javax.servlet.http.HttpSession;

import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;

import com.woniuxy.movice.entity.Users;
import com.woniuxy.movice.util.EmptyUtil;


/**
 * 权限认证切面
 * @author Administrator
 *
 */
@Aspect
@Component
public class AuthorizeAspect {
	@Pointcut("execution(public * com.woniuxy.movice.handler.OrderHandler.*(..))")
	public void verify(){} 
	
	@Before("verify()")
	public void doVerify(JoinPoint joinPoint) throws AuthException{
		Object[] args = joinPoint.getArgs();
		for(int i=0;i<args.length;i++){
			if(args[i] instanceof HttpSession){
				HttpSession session=(HttpSession) args[i];
				Users user=(Users) session.getAttribute(session.getId());
				if(EmptyUtil.isEmpty(user)){
					throw new AuthException("用户未登录");
				}
			}
		}
	}
}
